More on the voting machine…

More on the voting machine expose

This is explosive stuff. Bev Harris, a long time researcher into voting machines, details how Diebold voting machines have huge security holes, triple sets of books, and make it easy to change votes.

The story is now on multiple sites due to heavy traffic. Original site. Mirror site. Text in maroon italics are my comments.


For both optical scans and touch screens operating using Diebold election systems, the voting system works like this:

Voters vote at the precinct, running their ballot through an optical scan, or entering their vote on a touch screen.

After the polls close, poll workers transmit the votes that have been accumulated to the county office. They do this by modem. < Is the data sent encrypted? If so, what encryption method is used? If not, why not? >

At the county office, there is a “host computer” with a program on it called GEMS.

GEMS receives the incoming votes and stores them in a vote ledger. But then, we found, it makes another set of books with a copy of what is in vote ledger 1. And at the same time, it makes yet a third vote ledger with another copy. < Triple sets of books? TRIPLE SETS OF BOOKS??? >

The Elections Supervisor never sees these three sets of books. All she sees is the reports she can run: Election summary (totals, county wide) or a detail report (totals for each precinct). She has no way of knowing that her GEMS program is using multiple sets of books, because the GEMS interface draws its data from an Access database, which is hidden. < Access is the toy of the database world. What’s worse, the Access databases do not appear to be encrypted >

And here is what is quite odd: On the programs we tested, the Election summary (totals, county wide) come from the vote ledger 2 instead of vote ledger 1.

Now, think of it like this: You want the report to add up ONLY the ACTUAL votes. But, unbeknownst to the election supervisor, votes can be added and subtracted from vote ledger 2, so that it may or may not match vote ledger 1. Her official report comes from vote ledger 2, which has been disengaged from vote ledger 1. < In other words, votes in Set 2 can be changed and will then be tallied as the ‘real’ votes >

If she asks for a detailed report for some precincts, though, her report comes from vote ledger 1. Therefore, if you keep the correct votes in vote ledger 1, a spot check of detailed precincts (even if you compare voter-verified paper ballots) will always be correct. < So, one can change votes in Set 2, while Set 1 continues to show that no changes have been made. This system is so seriously compromised it is difficult to see how this could be due to mere incompetence >

And what is vote ledger 3 for? For now, we are calling it the “Lord Only Knows” vote ledger. < I’ll make the wild and crazy statement that triple sets of books that allow data to be changed while reporting no changes have been made are not what the accounting world calls GAAP (Generally Accepted Accounting Principles) >

From a programming standpoint, there might be reasons to have a special vote ledger that disengages from the real one. < As a database programmer who has written many accounting applications I see no possible programming reason for triple sets of books. None. If they were being used for a backup in case one set got damaged, then the files should be readonly and impossible to alter. That clearly is not the case here.>

From an accounting standpoint, using multiple sets of books is NOT OKAY. From an accounting standpoint, the ONLY thing the totals report should add up is the original votes in vote ledger 1. Proper bookkeeping NEVER allows an extra ledger that can be used to just erase the original information and add your own. And certainly, it is improper to have the official reports come from the second ledger, the one which may or may not have information erased or added.”

There’s more.

Part 1 – Can the votes be changed?

Part 2 – Can the password be bypassed?

Part 3 – Can the audit trail be altered?

Her answer to all three questions is Yes.

Comments are closed.

Powered by WordPress. Designed by WooThemes